Hi OpenSSL users, We are planning to use ECDH Algorithm(Group 19) in an Embedded System Product for the shared secret key generation. When I go through the code, I understand that it requires engine libraries/files from the following folders:
\openssl-3_1_3\crypto\engine\ \openssl-3_1_3\engines\ \openssl-3_1_3\apps\lib\ When I am trying to generate shared secret key using following API's: EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1); EC_KEY_new(); EC_KEY_set_group(); EC_KEY_generate_key(); These API's uses/Access assembly code(directly or indirectly) by following conditional compilation macros: OPENSSL_NO_ENGINE OPENSSL_NO_AUTOLOAD_CONFIG OPENSSL_NO_RDRAND OPENSSL_NO_PADLOCKENG OPENSSL_NO_AFALGENG OPENSSL_NO_STATIC_ENGINE I have few questions in my mind: 1. Is it recommended to use ECDH Algorithm (Group 19) for an embedded product ? does ECDH (Group 19) requires any hardware support? 2. If ECDH Algorithm (Group 19) recommended, How will be the performance? 3. If ECDH Algorithm (Group 19) not recommended, What would be the simple & secure DH or ECDH algorithm for shared secret key generation? Thanks for your help. Thanks & Regards, Damodhar. +91-7702191212 General
